23 package com.liferay.portlet.shopping.action;
24
25 import com.liferay.portal.kernel.log.Log;
26 import com.liferay.portal.kernel.log.LogFactoryUtil;
27 import com.liferay.portal.kernel.util.HttpUtil;
28 import com.liferay.portal.kernel.util.ParamUtil;
29 import com.liferay.portal.util.PortalUtil;
30 import com.liferay.portlet.shopping.NoSuchOrderException;
31 import com.liferay.portlet.shopping.model.ShoppingOrder;
32 import com.liferay.portlet.shopping.service.ShoppingOrderLocalServiceUtil;
33 import com.liferay.portlet.shopping.util.ShoppingPreferences;
34 import com.liferay.portlet.shopping.util.ShoppingUtil;
35
36 import java.io.BufferedReader;
37 import java.io.InputStreamReader;
38 import java.io.PrintWriter;
39
40 import java.net.URL;
41 import java.net.URLConnection;
42
43 import java.util.Enumeration;
44
45 import javax.servlet.http.HttpServletRequest;
46 import javax.servlet.http.HttpServletResponse;
47
48 import org.apache.struts.action.Action;
49 import org.apache.struts.action.ActionForm;
50 import org.apache.struts.action.ActionForward;
51 import org.apache.struts.action.ActionMapping;
52
53
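/**
 * Struts action that receives PayPal payment notifications (IPN) for the
 * shopping portlet.
 *
 * <p>
 * The handler echoes every received parameter back to PayPal with
 * {@code cmd=_notify-validate} and completes the order only when PayPal
 * answers {@code VERIFIED} and {@link #validate(HttpServletRequest)} accepts
 * the notification. The endpoint is reachable by anyone who can send it a
 * request, so no request parameter is trusted until both checks pass.
 * </p>
 */
public class PayPalNotificationAction extends Action {

    /**
     * Verifies an incoming notification with PayPal and completes the matching
     * order when it is genuine and consistent with the stored order.
     *
     * @param  mapping the Struts action mapping (unused)
     * @param  form the Struts form bean (unused)
     * @param  request the notification request; its parameters are untrusted
     * @param  response the response used to report errors
     * @return always {@code null}; no forward is rendered for a notification
     * @throws Exception declared by the Struts contract; failures inside the
     *         body are reported through {@code PortalUtil.sendError}
     */
    public ActionForward execute(
            ActionMapping mapping, ActionForm form, HttpServletRequest request,
            HttpServletResponse response)
        throws Exception {

        String invoice = null;

        try {
            if (_log.isDebugEnabled()) {
                _log.debug("Receiving notification from PayPal");
            }

            // Rebuild the message for the verification postback. Names are
            // encoded as well as values so that the text sent to PayPal is a
            // faithful re-encoding of exactly the parameters this servlet
            // parsed; an unencoded name containing '&' or '=' would make the
            // verified message differ from the one processed below.

            StringBuilder sb = new StringBuilder("cmd=_notify-validate");

            Enumeration<String> enu = request.getParameterNames();

            while (enu.hasMoreElements()) {
                String name = enu.nextElement();

                String value = request.getParameter(name);

                sb.append("&");
                sb.append(HttpUtil.encodeURL(name));
                sb.append("=");
                sb.append(HttpUtil.encodeURL(value));
            }

            String query = sb.toString();

            // NOTE(review): at debug level this writes the whole notification,
            // including payer e-mail and transaction data, to the log.

            if (_log.isDebugEnabled()) {
                _log.debug("Sending response to PayPal " + query);
            }

            URL url = new URL("https://www.paypal.com/cgi-bin/webscr");

            // NOTE(review): no connect/read timeout is set, so a stalled
            // connection holds the request thread for the JVM default.

            URLConnection urlc = url.openConnection();

            urlc.setDoOutput(true);
            urlc.setRequestProperty(
                "Content-Type","application/x-www-form-urlencoded");

            // Close both streams in finally blocks so a failure while writing
            // or reading does not leak the connection.

            PrintWriter pw = new PrintWriter(urlc.getOutputStream());

            try {
                pw.println(query);
            }
            finally {
                pw.close();
            }

            String payPalStatus = null;

            BufferedReader br = new BufferedReader(
                new InputStreamReader(urlc.getInputStream()));

            try {
                payPalStatus = br.readLine();
            }
            finally {
                br.close();
            }

            // An empty reply is reported as an error (as the previous
            // NullPointerException was) rather than silently acknowledged.

            if (payPalStatus == null) {
                throw new IllegalStateException(
                    "Empty verification reply from PayPal");
            }

            String itemName = ParamUtil.getString(request, "item_name");
            String itemNumber = ParamUtil.getString(request, "item_number");
            invoice = ParamUtil.getString(request, "invoice");
            String txnId = ParamUtil.getString(request, "txn_id");
            String paymentStatus = ParamUtil.getString(
                request, "payment_status");
            double paymentGross = ParamUtil.getDouble(request, "mc_gross");
            String receiverEmail = ParamUtil.getString(
                request, "receiver_email");
            String payerEmail = ParamUtil.getString(request, "payer_email");

            if (_log.isDebugEnabled()) {
                _log.debug("Receiving response from PayPal");
                _log.debug("Item name " + itemName);
                _log.debug("Item number " + itemNumber);
                _log.debug("Invoice " + invoice);
                _log.debug("Transaction ID " + txnId);
                _log.debug("Payment status " + paymentStatus);
                _log.debug("Payment gross " + paymentGross);
                _log.debug("Receiver email " + receiverEmail);
                _log.debug("Payer email " + payerEmail);
            }

            if ("VERIFIED".equals(payPalStatus)) {

                // NOTE(review): payment_status is passed through to
                // completeOrder without being checked here; confirm that
                // completeOrder rejects statuses other than a completed
                // payment.

                if (validate(request)) {
                    ShoppingOrderLocalServiceUtil.completeOrder(
                        invoice, txnId, paymentStatus, paymentGross,
                        receiverEmail, payerEmail, true);
                }
                else if (_log.isWarnEnabled()) {

                    // Line breaks are stripped so the value cannot forge
                    // additional log entries.

                    _log.warn(
                        "Rejected verified PayPal notification for invoice " +
                            invoice.replaceAll("[\r\n]", "_"));
                }
            }
            else if (_log.isWarnEnabled()) {

                // Record forged or unverifiable notifications instead of
                // dropping them silently. Request parameters are left out of
                // the message because nothing in them is trusted here.

                _log.warn(
                    "PayPal did not verify notification from " +
                        request.getRemoteAddr() + ", reply " + payPalStatus);
            }

            return null;
        }
        catch (Exception e) {
            PortalUtil.sendError(e, request, response);

            return null;
        }
    }

    /**
     * Checks a notification against the stored order before it is allowed to
     * complete that order.
     *
     * <p>
     * The notification is rejected when the receiver e-mail address is not the
     * configured PayPal address, when the gross amount differs from the order
     * total, when the currency differs from the configured currency, or when
     * the transaction ID is already attached to an order.
     * </p>
     *
     * @param  request the notification request
     * @return {@code true} if every check passes; {@code false} otherwise
     * @throws Exception if the order named by {@code invoice} cannot be
     *         loaded or a service call fails
     */
    protected boolean validate(HttpServletRequest request) throws Exception {

        // Invoice

        String ppInvoice = ParamUtil.getString(request, "invoice");

        ShoppingOrder order = ShoppingOrderLocalServiceUtil.getOrder(
            ppInvoice);

        ShoppingPreferences shoppingPrefs = ShoppingPreferences.getInstance(
            order.getCompanyId(), order.getGroupId());

        // Receiver email address: the payment must have gone to this shop's
        // account, not to an account chosen by the sender.

        String ppReceiverEmail = ParamUtil.getString(
            request, "receiver_email");

        String payPalEmailAddress = shoppingPrefs.getPayPalEmailAddress();

        if (!payPalEmailAddress.equals(ppReceiverEmail)) {
            return false;
        }

        // Payment gross
        //
        // NOTE(review): this is an exact comparison of two doubles. It fails
        // closed, but a computed total that is not exactly representable
        // could reject a legitimate payment; comparing in minor units or with
        // BigDecimal would avoid that.

        double ppGross = ParamUtil.getDouble(request, "mc_gross");

        double orderTotal = ShoppingUtil.calculateTotal(order);

        if (orderTotal != ppGross) {
            return false;
        }

        // Payment currency

        String ppCurrency = ParamUtil.getString(request, "mc_currency");

        String currencyId = shoppingPrefs.getCurrencyId();

        if (!currencyId.equals(ppCurrency)) {
            return false;
        }

        // Transaction ID: a transaction that is already attached to an order
        // must not complete a second one.
        //
        // NOTE(review): the lookup and the later completeOrder call are not
        // atomic as far as this class shows; confirm that two concurrent
        // notifications with the same txn_id cannot both pass.

        String ppTxnId = ParamUtil.getString(request, "txn_id");

        try {
            ShoppingOrderLocalServiceUtil.getPayPalTxnIdOrder(ppTxnId);

            return false;
        }
        catch (NoSuchOrderException nsoe) {

            // Expected: no order uses this transaction ID yet.

        }

        return true;
    }

    private static final Log _log =
        LogFactoryUtil.getLog(PayPalNotificationAction.class);

}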